Gateway as Code

Define your API gateway routes in version-controllable configuration files.

Overview

Gateway as Code (GaC) allows you to define your API gateway routes in a configuration file (nolxy.config.ts or .json) and sync them to the database.

Version Control

Routes are reviewable, versioned, and promotable across environments

CI/CD Integration

Sync routes as part of your deployment pipeline

No Runtime Penalty

Workers use compiled in-memory patterns; no per-request file I/O

Developer-First DX

Familiar config-as-code workflow with TypeScript support

Quick Start

1. Create a Config File

nolxy.config.json
{
  "version": "1.0.0",
  "name": "my-api-gateway",
  "routes": [
    {
      "name": "users-api",
      "path": "/users",
      "targetUrl": "http://localhost:8000",
      "method": "GET",
      "description": "Get all users"
    },
    {
      "name": "user-by-id",
      "path": "/users/:id",
      "targetUrl": "http://localhost:8000",
      "description": "Get user by ID"
    }
  ]
}

2. Preview Changes (Dry Run)

bash
nolxy sync --config ./nolxy.config.json --user-id 1 --dry-run

3. Apply Changes

bash
nolxy sync --config ./nolxy.config.json --user-id 1

Configuration Schema

Root Object

FieldTypeRequiredDescription
versionstringNoSemver version (default: "1.0.0")
namestringNoConfig name (default: "nolxy-config")
routesRouteConfig[]YesArray of route configurations

RouteConfig

FieldTypeRequiredDescription
namestringYesUnique identifier (stable key)
pathstringYesRoute path (e.g., /users/:id, /api/*)
targetUrlstringYesUpstream URL
methodstringNoHTTP method: GET, POST, PUT, DELETE, PATCH, etc. (null = all methods)
descriptionstringNoRoute description
timeoutnumberNoRequest timeout in ms (default: 30000)
isActivebooleanNoEnable/disable route (default: true)
headersRecord<string, string>NoCustom headers to forward to upstream (key-value pairs)
backendSecretstringNoSecret token sent to backend for verification
responseSchemaobjectNoJSON Schema for response validation
cacheCacheConfigNoResponse caching configuration
retryRetryConfigNoRetry configuration
corsCorsConfigNoCORS configuration
circuitBreakerCircuitBreakerConfigNoCircuit breaker configuration
pipelinePipelineConfigNoRequest/response transformation pipeline

CacheConfig

FieldTypeRequiredDescription
enabledbooleanYesEnable response caching
ttlnumberNoCache TTL in seconds (default: 60)
keyHeadersstring[]NoHeaders to include in cache key (e.g., ["Authorization"])
statusCodesnumber[]NoHTTP status codes to cache (default: [200])

RetryConfig

FieldTypeRequiredDescription
enabledbooleanYesEnable automatic retries
countnumberNoMax retry attempts (default: 3)
delaynumberNoDelay between retries in ms (default: 100)
onnumber[]NoHTTP status codes to retry on (e.g., [502, 503, 504])

CorsConfig

FieldTypeRequiredDescription
enabledbooleanYesEnable CORS handling
allowOriginsstring[]NoAllowed origins (e.g., ["https://example.com"])
allowMethodsstring[]NoAllowed HTTP methods (e.g., ["GET", "POST"])
allowHeadersstring[]NoAllowed request headers
exposeHeadersstring[]NoHeaders exposed to the browser
maxAgenumberNoPreflight cache duration in seconds (default: 86400)
credentialsbooleanNoAllow credentials (cookies, auth headers)

CircuitBreakerConfig

FieldTypeRequiredDescription
enabledbooleanYesEnable circuit breaker
failureThresholdnumberNoFailures before opening circuit (default: 5)
failureWindownumberNoWindow to count failures in ms (default: 60000)
successThresholdnumberNoSuccesses needed to close circuit (default: 3)
timeoutnumberNoTime before half-open attempt in ms (default: 30000)

PipelineConfig

FieldTypeRequiredDescription
requestTransform[]NoRequest transformations applied before forwarding
responseTransform[]NoResponse transformations applied before returning

Each Transform has type (string) and optional config (object) fields.

Stable Route Identity

Routes are identified by their name field, not by path + method. This means:

✓ Changing path/method preserves route ID

Analytics and logs stay associated

Cache keys remain stable

✗ Duplicate names are rejected

Each name must be unique

Path+method combos also checked

CI/CD Integration

Use Service Accounts for CI/CD pipelines. Create one from Dashboard → Service Accounts with the gateway:sync and gateway:validate permissions, then store the key in your CI secrets.

GitHub Actions Example

.github/workflows/deploy-gateway.yml
name: Deploy Gateway Config

on:
  push:
    branches: [main]
    paths:
      - 'nolxy.config.json'

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '24'
      
      - name: Install Nolxy CLI
        run: npm install -g @nolxy/cli
      
      - name: Validate config
        run: nolxy validate --config ./nolxy.config.json
        env:
          NOLXY_SERVICE_KEY: ${{ secrets.NOLXY_SERVICE_KEY }}
      
      - name: Sync config (dry-run on PR)
        if: github.event_name == 'pull_request'
        run: nolxy sync --config ./nolxy.config.json --dry-run
        env:
          NOLXY_SERVICE_KEY: ${{ secrets.NOLXY_SERVICE_KEY }}
      
      - name: Sync config (apply on main)
        if: github.ref == 'refs/heads/main'
        run: nolxy sync --config ./nolxy.config.json
        env:
          NOLXY_SERVICE_KEY: ${{ secrets.NOLXY_SERVICE_KEY }}

Dashboard UI

You can also manage Gateway as Code configurations from the dashboard:

  • Read-only mode: If a route is managed by code, the UI shows a "Managed by Code" badge and disables editing.
  • Drift Detection: The UI warns if the actual config differs from the last synced version.

Dashboard UI

Visual editor with preview, validation, and sync capabilities

Cache Invalidation

When routes are updated via sync, all caches are invalidated automatically. Route changes take effect immediately across all workers — no restart required. Response caches for affected routes are also cleared.

Best Practices

Use Environment Variables

Different targetUrl per environment (dev/staging/prod)

Dry Run First

Always preview changes with --dry-run before applying

Version Control

Commit config files to git for full history and rollback capability

Stable Names

Never change route name unless you want to recreate the route

Analytics DashboardRequest Validation